Wednesday 4 October 2017

How to Securely Wipe the Free Space on Your Windows PC

This is mostly copied from an excellent article on the GroovyPost Website by Lori Kaufman, Oct 3 2017
with some additional text by me

Original article


When you delete files from your hard drive, did you know that the file never actually gets deleted from your hard drive and is normally able to be recovered using readily available recovery tools? Normally this isn’t an issue as we use our computer each day. However, if you’re planning to sell or donate your computer and don’t want your old data to be recoverable, follow the steps below to wipe the free space on your hard drive. The process is the same and will work on Windows 7, 8 and Windows 10.

People often say to me “there is nothing on my hard drive that I care about if someone sees”,  but bear in mind that an experienced hacker can build a profile of someone from a set of files on a PC, and can often guess passwords, or find those passwords within those files. This leaves a person vulnerable to Identity theft, with all the ensuing headaches.

What really happens when you delete a file?
When you delete a file on your computer, the only thing that’s removed is the reference to it in the master file table. The file still exists on your hard drive, however Windows just doesn’t know where the file is. This is because as mentioned earlier, you’re only removing the indexes and the links to the data and telling Windows it has permission to overwrite that area of the hard drive.
So, until (and possibly after) the data is written over, it can be recovered by special tools or the right set of skills. The tools, or an experienced hacker, can scan the hard drive and look for the files and restore the links and indexes so Windows can see the files again. If you’re selling a computer, or even disposing of one, you should securely wipe the free space on your PC’s hard drive so the files cannot be recovered.
(if the computer is old, and is simply headed for the recycle depot, you could just remove the hard drive and drill a hole in it, to render it inoperable, but make sure that hole, or holes, goes right through the middle of the hard drive)
Here is how to use the cipher command on the command line to securely write over the free space several times to make sure no data can be recovered. There are also some third-party tools that do the same thing.

Cipher
Before using the cipher command to securely overwrite the free space on your hard drive, be sure you quit all programs. That ensures the maximum amount of free space is securely wiped.
Click the Cortana icon or the Search icon on the Taskbar and start typing “command prompt”. Then, click Command Prompt under Best match.

 













Type the following command at the prompt and press Enter.
cipher /w:C






 



Data that is not allocated to any files or folders
is overwritten three times and permanently removed. This can take a long time
if you are overwriting a large amount of free space.



Cipher goes through the following steps as it
securely wipes the free space on your hard drive.



1.   
The cipher command automatically creates a new
folder on the C drive called EFSTMPWP and then creates a file in that folder with
nothing but zeros in it. It will grow until the hard drive fills up.



2.   
Then, cipher deletes that file and creates a second
file which is filled with the number 255 repeatedly until the file grows big
enough to fill the free space on the hard drive again.



3.   
Next, cipher deletes the second file, creates a
third file, and fills that with random numbers until your hard drive is full
again.



4.   
Finally, cipher deletes the third file and returns
you to the prompt. Type exit at the
prompt to close the Command Prompt window.



So, essentially, cipher wrote over the free space
(old files) on your hard drive three times to make sure no one could ever scan
your hard drive and recover the data you deleted from it.



If you watch your hard drive space, as cipher does
its thing, don’t be surprised when you see your hard drive fill up. This is
normal as mentioned in the steps above and the space will be freed again.





















CCleaner



If you’re not comfortable using the command line, there’s a free
utility called CCleaner that allows you to
securely wipe the free space on your hard drive.



Be sure
you install or update to the latest version. 



There are two
versions of CCleaner, free and paid. The feature that wipes the free space on
your hard drive is available in the free version, so that will do just fine.



Once you’ve downloaded CCleaner and
installed it, or updated it, open the program and click Tools on
the left pane. Choose Free Space Only from the Wipe drop-down
list. Make sure you DO NOT select Entire Drive, as this will
erase ALL the files on your hard drive—unless that is what you mean to do.
If you’re getting rid of the PC, you can use the Entire Drive option to
wipe the entire drive. Be very careful when making this selection.



Select the type of overwrite procedure you want from the Security drop-down
list. Simple
Overwrite is fine for most situations. However, if you
want CCleaner to behave like the cipher command, select Advanced Overwrite (3 passes).
Finally, select the drive on which you want to securely wipe the free space in
the Drives box
and click Wipe.



































Eraser



Another option
for making sure your deleted data cannot be recovered is to delete your files
and folders securely in the first place.



Eraser is a
free, advanced security tool for Windows that allows you to securely delete
data from your hard drive by overwriting it several times with carefully
selected patterns, like the cipher command and CCleaner. The difference is you can
do this when you delete the files and folders, not after. You can also securely
wipe the free space on your hard drive to be extra safe.



When you download Eraser and
install it, an option is added to the context (right-click) menu in File
Explorer. Instead of deleting files and folders normally by pressing the Delete key,
sending them to the recycle bin, and then emptying the recycle bin, you can use
Eraser directly in File Explorer to securely delete files and folders.



To securely delete one or more files or folders, select what you
want to delete, right-click on the selection, and then go to Eraser > Erase on
the popup menu.





















If you are
uncomfortable with any of these options, but you are selling, gifting, or disposing
of a PC, ask someone you trust to run one of these commands or software options
for you. Even if you have to pay  for
their time, it’s worth it for the peace of mind of knowing that your data
cannot be compromised.










Posted by



at







































1 comment:








  1. Wishes24 December 2022 at 07:19
    This comment has been removed by a blog administrator.
    ReplyDelete











Add a comment















        

      









Subscribe to:
Post Comments (Atom)